information security engineer Sacramento, CA
Job description
Minimum Pay Rate: $76,392.00
Maximum Pay Rate: $101,148.00
Civil Service Status: Non Civil Service
Apply by Date: 07/27/2023
Posting Type: Open
This position is a part time entry level OT (Operational Technology) Cybersecurity Engineer position working in SMUD's OT Cybersecurity Engineering Team. OT Cybersecurity Engineers work with SMUD's Asset Owners, Integrated Security Operations Center (ISOC) Engineers, and Cybersecurity Analysts to assess, design, maintain and operate OT Cybersecurity technology solutions to meet requirements for OT Cybersecurity risk and compliance standards.
Purpose
Provides specialized enterprise-wide cybersecurity Engineering to assist with maintaining an acceptable level of cyber and privacy risk while ensuring the cybersecurity and resilience of SMUD Information, IT and OT systems, and network infrastructure. A cybersecurity Engineer at SMUD has a vital role in our cybersecurity program to protect and manage the cyber and privacy risk to our people, process and technology. A Cybersecurity Engineer at SMUD provides physical, technical, and administrative control engineering to protect the confidentiality, integrity, and availability of our IT and OT cyber assets.
Nature and Scope
This classification is comprised of four levels: Level E is the entry level where incumbents acquire knowledge, skills and abilities to perform the tasks associated within the series. The incumbent is promoted/progressed to level J upon demonstrating the required skills and knowledge to independently perform the full scope of the job. The Senior Sr level is comprised of the advanced journey level resource who is responsible for the advanced assignments. The Principal level is comprised of the subject matter expert/lead level and is responsible for the leading of the most advance work. Promotion to the Senior or Principal level is not through a progression and will happen through SMUDs standard civil service hiring process. This is a progressive series and incumbents hired at the entry level are required to successfully progress to the journey level within 60 months of appointment to remain within the job series.
Duties and Responsibilities
- Assists in the design, development, implementation, and/or integration of SMUD security architecture, system, or system components for use within IT and OT environments. Ensures that the architecture and design of SMUD IT and OT are functional and secure.
- Learns and provides network and systems security engineering, design engineering, security tests and evaluations, and risk assessments for OT and enterprise-level IT systems, including risk management, vulnerability assessments, security assessments, strategy and project development, network architecture designs, and monitoring solutions.
- Aids in enhancing the enterprise cybersecurity program by developing technical security requirements and technical security control implementation guidance for IT/OT network infrastructure to include hardware, software, and services.
- Applies technical experience and knowledge on routing, switching, MPLS, SONET/SDH, Frame/Relay, Telecommunications, Wireless Microwave and LTE and Radio technologies.
- Maintain skills implementing and/or operating security and networking technologies: Application Security Scanners, Endpoint Protection, Remote Connection, Network Protection, Data Loss Prevention, File Integrity Monitoring, Security Auditing and Logging, Vulnerability Management, and Virtual Private Networking technologies such as IPSEC, SSL/TLS, SSH, site to site and network to network.
- Gains knowledge and learns to advise on the design and innovative integration of cybersecurity toolsets to enable more automated discovery, remediation, and alerting of network and device vulnerabilities as a means of improving the security posture, to include security solutions utilized in SCADA/Control systems environments, applying working knowledge of ICCP, DNP3, MODBUS and other common IEC utility protocols such as IEC-60870-5, IEC-61850.Develops and maintain technical knowledge of TCP/IP, DNS, SMTP, HTTP, FTP, SNMP, Active Directory, LDAP, Ethernet, Wireless LAN, and other WAN/LAN Protocols.
- Apply knowledge and functional experience with IDS/IPS, WAF, ADC, firewall, VPN across a wide range of complex architectures, platforms and mediums.
- Review and/or monitor network and system activity and analyze evidence of suspicious behavior to identify and report events that occur or might occur within the network to protect information, information systems, and networks from threats.
- Other related duties as assigned
Required Education
Bachelor's degree in Cybersecurity, Information Security, Information Technology or closely related field (i.e Computer Science, Systems Engineering, Electrical Engineering) or equivalent experience. If no degree, 5 or more (5+) years of relevant experience required.
Required Experience
One or more (1+) years of progressively relevant professional or technical experience in cybersecurity and/or information security.
Required Licenses/Certificates
Professional certifications with an emphasis on Cybersecurity, Information Security, Security and/or Network Administration, or Audit e.g., CISSP, GSLC, GCIP, CASP, CRISC, CIPP, CIPT, CAP, GSEC, GICSP, GCUX, GMOB, GLEG, GRID, CEH, CPEN, SSCP, CCSP, CSSLP, GSNA, CCNA, CCIE, CISM, CISA, CIA, CompTIA Security+ required or must be able to obtain and maintain an industry recognized certification within one year of hire.
Knowledge Of
Skills To
Desirable Qualifications
- Ability to conduct vulnerability scans and recognize vulnerabilities in security systems
- Ability to accurately define incidents, problems, and events in the trouble ticketing system
- Ability to operate common network tools (e.g., ping, traceroute, nslookup)
- Ability to monitor measures or indicators of system performance and availability
- Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
- Knowledge of computer networking concepts and protocols, and network security methodologies
- Knowledge of cybersecurity and privacy principles
- Knowledge of cyber threats and vulnerabilities
- Knowledge of specific operational impacts of cybersecurity lapses
- Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption)
- Knowledge of operating systems
- Knowledge of security system design tools, methods, and techniques
- Knowledge of server and client operating systems
- Knowledge of systems administration concepts
- Knowledge of virtualization technologies and virtual machine development and maintenance
- Knowledge of operating system command-line tools
- Knowledge of how to use network analysis tools to identify vulnerabilities
Physical Requirements
Sacramento Municipal Utility District (SMUD) - Who We Are
As the nation's sixth-largest community-owned electric service provider, we're proud of our reputation as one of the best places to work in Sacramento. Our employees tell us in our engagement surveys they're "Happy, satisfied and engaged" which helps create a workplace that best serves our customers. Sacramento was named as the 2nd happiest place to work in America by Forbes Magazine. Lake Tahoe, San Francisco and the world-renowned Napa Valley are within easy driving distance of our locations.
Our Commitment to Diversity & Inclusion
SMUD celebrates diversity, and inspires an inclusive culture based on trust and respect to create belonging and connection among our employees, customers, and communities. By working together, we are powering positive, equitable opportunities for all. We aspire to be a workplace where you can be yourself, achieve your best, and thrive together.
An example of our commitment to Diversity, Equity, Inclusion, and Belonging is when SMUD signed the California Equal Pay Pledge in 2020. This requires equal pay for employees who perform “substantially similar work,” when viewed as a composite of skill, effort, and responsibility at the time those employees started within that classification. As such, initial hiring salary range is not subject to negotiation and salaries will vary over time based on performance.
SMUD is proud to be an equal opportunity employer. We do not discriminate in employment decisions on the basis of race, color, religion, gender (including pregnancy), national origin, political affiliation, sexual orientation, gender identity or expression, marital status, disability, genetic information, age, veteran status, or any other applicable legally protected characteristic. All employment decisions are made on the basis of individual qualifications, merit, and business needs and interests.
Why Sacramento, California?
The capitol of California, Sacramento is the state's sixth-largest city, and the 35th largest in the U.S. Local universities include California State University, University of the Pacific's McGeorge School of Law, and the University of California, Davis and several competitive community colleges. The UC Davis Medical Center, a world-renowned research hospital, is one of more than a dozen hospitals and shared services centers in the Sacramento region. Part of the agriculturally-rich Central Valley, Sacramento is at the forefront of the farm-to-fork food movement. Northern California is home to some of the country's top technology companies, including Google and LinkedIn, and a multitude of startups in many industries. Sacramento is home to the NBA Kings, the River Cats (AAA baseball), the Republic FC (soccer) and the San Francisco Giants, NBA Warriors and NFL 49er's aren't far away. Sacramento offers an affluent liberal arts community with Broadway, Mondavi Center, Crocker Museum and summer musical theater to name a few.
Hybrid Work
This position may be eligible for SMUD's hybrid (office/home) work employee benefit, the schedule of which will be determined by the successful candidate and the Hiring Manager. SMUD takes pride in powering the Sacramento region community where we live and work. We value the strong working relationships we develop with our colleagues. Our approach to hybrid work will continue to evolve. Please be aware that should SMUD’s business needs change, emergencies occur, or various other reasons arise, you may be required to report onsite on a part-time or full-time basis.
SMUD provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. SMUD complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
SMUD expressly prohibits any form of unlawful employee harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of SMUD employees to perform their expected job duties is absolutely not tolerated.
